package com.hhf.feiapiinterface.controller;



import com.hhf.feiapiclientsdk.entity.User;
import com.hhf.feiapiclientsdk.utils.SignUtils;
import org.springframework.web.bind.annotation.*;

import javax.servlet.http.HttpServletRequest;


/**
 * @Author hhf
 * @Date 2024/10/5
 * @Description
 */
@RestController
@RequestMapping("/hello")
public class HelloController {

    @GetMapping
    public String helloByGet(String name) {
        String text = "GET 你好," + name;
        return text;
    }

    @PostMapping
    public String helloByPost(@RequestParam String name) {
        String text = "POST hello," + name;
        return text;
    }

    @PostMapping("/body")
    public String helloByPost(@RequestBody User user, HttpServletRequest request) {

        //以下校验已整合至gateway,只需要实现业务逻辑即可
//        String accessKey = request.getHeader("accessKey");
////        String secretKey = request.getHeader("secretKey");        不能直接获取密钥
//        String body = request.getHeader("body");
//        String nonce = request.getHeader("nonce");
//        String timestamp = request.getHeader("timestamp");
//        String sign = request.getHeader("sign");
//
//        //1.权限校验,这里模拟使用"123",实际情况应从数据库查询校验权限
//        if (!"123".equals(accessKey)){
//            throw new RuntimeException("403无权限");
//        }
//        //2.随机数nonce校验,模拟存储5位随机数,实际情况可以存储至hashmap或者redis
//        if (Long.parseLong(nonce) < 1 ){
//            throw new RuntimeException("403无权限");
//        }
//        //3.时间戳校验,以实际情况为主
//        //...
//        //4.请求参数校验
//        //...
//
//        //5.sign校验
//        String dbSign = SignUtils.genSign(body, "hhf");
//        if (!sign.equals(dbSign)){
//            throw new RuntimeException("403无权限");
//        }

        String text = "POST 你好," + user;
        return text;
    }
}
